<?php
include_once __DIR__.'/CustomerMgr.class.php';

class CheckOutMgr 
	{
		private $dbc;
		private $customerMgr;
		
		 public function __construct($dbc = null)
	     {
	            if (isset($dbc))
	            {
	                $this->dbc = $dbc;
	            }
	     }
	     
	     function checkCustomerSession()
	     {
			// Start the session:
			session_start();
			
			// The session ID is the user's cart ID:
			$uid = session_id();
			
			// Check that this is valid:
			if (!isset($_SESSION['customer_id'])) { // Redirect the user.
				header("Location: checkout.php");
				exit();
			}
	     	
	     }
	     
	     
	     function checkUserSession()
	     {
	     	// Check for the user's session ID, to retrieve the cart contents:
			if ($_SERVER['REQUEST_METHOD'] == 'GET') {
				if (isset($_GET['session'])) {
					$uid = $_GET['session'];
					// Use the existing user ID:
					session_id($uid);
					// Start the session:
					if (!isset($_SESSION)) {
                                            session_start();
                                        }
				} else { // Redirect the user.
					header("Location: cart.php");
					exit();
				}
			} else { // POST request.
				if (!isset($_SESSION)) {
                                    session_start();
                                }
				$uid = session_id();
			}
	     	
			return $uid;
	     }
	     
	     
	     
	     
	     function validateAddressForm()
	     {
	     		
	     		$errors=array();
	     		$fn=null;$ln=null;$a1=null;$a2=null;$c=null;$s=null;$z=null;$p=null;$e=null;
	     		// Check for Magic Quotes:
				if (get_magic_quotes_gpc()) {
					$_POST['first_name'] = stripslashes($_POST['first_name']);
					$_POST['last_name'] = stripslashes($_POST['last_name']);
					$_POST['address1'] = stripslashes($_POST['address1']);
					$_POST['address2'] = stripslashes($_POST['address2']);
					$_POST['city'] = stripslashes($_POST['city']);
					$_POST['state'] = stripslashes($_POST['state']);
					// Repeat for other variables that could be affected.
				}
			
				// Check for a first name:
				if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $_POST['first_name'])) {
					$fn = addslashes($_POST['first_name']);
				} else {
					$errors['first_name'] = 'Please enter your first name!';
				}
				
				// Check for a last name:
				if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $_POST['last_name'])) {
					$ln  = addslashes($_POST['last_name']);
				} else {
					$errors['last_name'] = 'Please enter your last name!';
				}
				
				// Check for a street address:
				if (preg_match ('/^[A-Z0-9 \',.#-]{2,80}$/i', $_POST['address1'])) {
					$a1  = addslashes($_POST['address1']);
				} else {
					$errors['address1'] = 'Please enter your street address!';
				}
				
				// Check for a second street address:
				if (empty($_POST['address2'])) {
					$a2 = NULL;
				} elseif (preg_match ('/^[A-Z0-9 \',.#-]{2,80}$/i', $_POST['address2'])) {
					$a2 = addslashes($_POST['address2']);
				} else {
					$errors['address2'] = 'Please enter your street address!';
				}
				
				// Check for a city:
				if (preg_match ('/^[A-Z \'.-]{2,60}$/i', $_POST['city'])) {
					$c = addslashes($_POST['city']);
				} else {
					$errors['city'] = 'Please enter your city!';
				}
				
				// Check for a state:
				if (preg_match ('/^[A-Z \'.-]{2,60}$/i', $_POST['state'])) {
					$s = $_POST['state'];
				} else {
					$errors['state'] = 'Please enter your state!';
				}
				
				// Check for a zip code:
				if (preg_match ('/^([0-9]{6})$/', $_POST['zip'])) {
					$z = $_POST['zip'];
				} else {
					$errors['zip'] = 'Please enter your zip code!';
				}
				
				// Check for a phone number:
				// Strip out spaces, hyphens, and parentheses:
				$phone = str_replace(array(' ', '-', '(', ')'), '', $_POST['phone']);
				if (preg_match ('/^[0-9]{10}$/', $phone)) {
					$p  = $phone;
				} else {
					$errors['phone'] = 'Please enter your phone number!';
				}
				
				// Check for an email address:
				if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
					$e = $_POST['email'];
					$_SESSION['email'] = $_POST['email'];
				} else {
					$errors['email'] = 'Please enter a valid email address!';
				}
				
				
	     	return array($errors,$fn,$ln,$a1,$a2,$c,$s,$z,$p,$e);
	     }
	}   
